ArduWorm: A Functional Malware Targeting Arduino Devices

Abstract—The Internet of Things (IoT) is a growing market which provides several benefits for industry, governments and end users. However, the increasing use of embedded and pervasive devices introduces new vulnerabilities in the network. In the last years, the number of malware and exploits targeting the IoT has grown considerably, which issues a challenge for the industry and the academy. To further motivate this challenge, in this paper we describe a malware piece targeting Arduino Yun, which is a common platform used in IoT scenarios. The malware, dubbed ArduWorm, is able to bypass all the security implemented in Arduino by exploiting a memory corruption vulnerability and hijack the device. Moreover, due to the architectural flaws found in Arduino Yun, the malware is able to get the control of a Linux-based microprocessor integrated in the device with full privileges, which allows it to install a backdoor and spread as a worm through the compromised network.